
How VMware Cloud on Dell EMC Integrates with your Enterprise DNS Services

VMware Cloud on Dell EMC is a fully assembled and configured SDDC as a service offering that runs in your on-premises edge or data center location. Simply select the number and size of Dell EMC VxRail hosts needed in a deployment and leave the rest to VMware – we manage the lifecycle and operate this infrastructure as a cloud service.

Each VMware Cloud on Dell EMC SDDC rack deployment arrives ready to run your applications. But there are a number of integrations that most customers deem necessary for a new technology stack to become a seamless extension of the existing on-premises infrastructure.

For the next series of posts, I will be showing how to integrate the fundamental services of your enterprise, such as DNS, DHCP, and Active Directory authentication. In addition to that, we’ll review how to consolidate the administrative view of the new SDDC and your existing vSphere environment with hybrid linked mode (HLM). Later, we’ll wrap up the series with an overview of how to extend existing networks onto the new SDDC so that applications can migrate without the need to change IP addresses and without downtime – thanks to live migration with vMotion.

DNS on the VMware Cloud on Dell EMC SDDC

Let’s face it – no administrator or developer has ever enjoyed typing IP addresses. Besides being tedious and inefficient, it’s often difficult to remember specific addresses outside of a small lab network, and mistakes can lead to highly undesirable outcomes. By default, a new VMware Cloud on Dell EMC SDDC is configured to forward DNS resolution requests out to a well-known public DNS provider on the Internet. This is a fine approach for certain use cases – for instance, you’d still be able to download OS patches and updates with this setup – but it is not likely appropriate for a production data center deployment.

In order to use internal names, instead of IP addresses, to access your servers and services, you’ll need to configure VMware Cloud on Dell EMC SDDC networking so that your existing internal DNS servers can be queried.

Recall that VMware Cloud on Dell EMC is equipped with NSX-T, which is one great benefit of the fully managed SDDC as a service. Traffic in and out of the SDDC is split between two NSX-T network gateways. The management gateway handles traffic to vCenter Server, VMware ESXi hosts, and certain other essential communications. The compute gateway is for your VM workloads and it routes traffic from one or more network segments on the SDDC to other networks outside of the rack.

An NSX-T gateway exposes one or more IP endpoints to support network services such as DNS or VPN. As an aside, these addresses are allocated from the SDDC Management Network – a /24 CIDR subnet that is specified during the initial SDDC ordering phase – and this is one of the reasons why this network must be routable within your data center.

The DNS Service IP is an address that the management components or workloads use for name resolution services. This is accomplished via a forwarding service on each gateway that queries upstream DNS servers. You can optionally set up several different upstream destinations that are directed conditionally, depending on the FQDN. This offers great flexibility for complex environments, but most deployments should be satisfied by pointing to a set of centralized corporate DNS servers.
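The conditional forwarding described above, together with the earlier point that the default upstream is a public resolver, can be checked offline before a forwarder change is applied. The following is an added example, not VMware code: it models zone selection as a longest-suffix match (an assumption, since this post does not state the matching rule NSX-T uses) and flags internal names that would be sent to a non-private upstream. The zone names, addresses and the INTERNAL_SUFFIXES list are all constructed.

```python
import ipaddress

# Constructed sample forwarder configuration (not from a real SDDC).
# "default" is the catch-all zone; every other key is an FQDN zone.
FORWARDERS = {
    "default": ["8.8.8.8"],  # sample public resolver
    "corp.example.com": ["10.20.0.53", "10.20.1.53"],
    "lab.corp.example.com": ["10.30.0.53"],
}
# Hypothetical list of namespaces that must only be resolved internally.
INTERNAL_SUFFIXES = ("corp.example.com",)


def select_zone(fqdn, forwarders):
    """Pick the zone whose domain is the longest label-aligned suffix of fqdn."""
    labels = fqdn.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate != "default" and candidate in forwarders:
            return candidate
    return "default"


def is_internal(fqdn, suffixes=INTERNAL_SUFFIXES):
    """True when fqdn equals, or is a subdomain of, an internal namespace."""
    name = fqdn.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in suffixes)


def audit(fqdns, forwarders):
    """Return (fqdn, zone, upstream) for internal names sent to a public upstream."""
    findings = []
    for fqdn in fqdns:
        if not is_internal(fqdn):
            continue
        zone = select_zone(fqdn, forwarders)
        for upstream in forwarders[zone]:
            if not ipaddress.ip_address(upstream).is_private:
                findings.append((fqdn, zone, upstream))
    return findings


if __name__ == "__main__":
    names = ["vcenter.corp.example.com", "db.lab.corp.example.com",
             "notcorp.example.com", "updates.example.org"]
    print(audit(names, FORWARDERS))                # conditional zones in place
    print(audit(names, {"default": ["8.8.8.8"]}))  # default-only configuration
```

With the conditional zones in place the audit returns no findings; with only the default zone, both internal names are reported as leaving for the public resolver.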

If you decide to connect your existing vSphere environment with the new SDDC through HLM, or if you intend to perform migrations from one to another, the management DNS service must be integrated with your existing naming services. In order to execute these workflows, the VMware Cloud on Dell EMC SDDC will need to resolve and connect to your existing vCenter Server environment.

On the other hand, the compute gateway DNS service is used by the guest operating systems to resolve other services in your environment such as databases, services, or administrative operations like patch management. If necessary, the two gateways can point to different upstream DNS services.

To change the default upstream DNS server addresses, simply log into the VMware Cloud Services portal and navigate to the Networking & Security section. The DNS settings are on the lower left navigation under the System heading, as shown below:

Animation showing config of DNS forwarders

Keep in mind that these DNS configurations are completely transparent to applications on the SDDC. Workloads connected to a network segment and configured to use the built-in DHCP server will be automatically assigned the DNS Service IP on the compute gateway. The client is unaware of the forwarding mechanics described above. As you can see in the image below, the guest OS has obtained the DNS Service IP (10.174.68.141) as its sole DNS server. Resiliency is provided by NSX-T internals, so multiple addresses are not needed as they would be with more traditional networking.

Takeaway

VMware Cloud on Dell EMC is built from the full VMware SDDC stack, including NSX-T for network virtualization. This enables administrators to have flexible control of DNS services that the management and compute components rely on for name resolution. VMware is still responsible for lifecycle management of the SDDC, but because this is delivered as a service, valuable IT resources can focus on running the business and not maintaining infrastructure.

For more information, visit the VMware Cloud on Dell EMC website, follow us on Twitter @VMWonDellEMC, or read the VMware Cloud on Dell EMC Technical Overview Paper Released.